Mobile communications networks are expanding and utilize multiple technologies and interconnects to carry signaling messages used to establish communications over the networks. Home network elements of a core network are typically not connected to foreign or visited networks. Instead, interconnect networks are used to forward signaling between the home network and other networks. This makes the home networks susceptible to Diameter security attacks, which can be introduced through a compromised remote foreign network.
Different types of Diameter security attacks can be introduced into an operator's home network through an interconnect network. Such attacks may be introduced through interconnect signaling traffic from roaming networks. Some examples of attacks are subscriber denial of service (DoS) attacks, location tracking attacks, and fraud attacks. These attacks may be effected by spoofing or impersonating the identity of foreign network elements. For example, identifiers for a serving MME and home subscriber server (HSS) may be spoofed in incoming messages. In one example, an attacker can send Diameter update location request messages to the home HSS of the subscriber. A spoofed update location request message may include a fake MME that is different from the MME where a user equipment (UE) is currently registered. The HSS may respond to the spoofed update location request message with and update location answer message including subscription information that is delivered to the attacker instead of a valid MME. In addition, the HSS updates the subscriber's location to point to the attacker so that communications intended for the subscriber are first sent to the attacker, which acts as a “man in the middle” eavesdropping on communications involving the subscriber while relaying the communications to and from the subscriber.
Accordingly, there exists a need for methods, systems, and computer readable media for MME authentication for outbound roaming subscribers using a DEA.